The following table includes limitations associated with the PAN-OS 7.1 release.
Issue ID Description
PAN-76757 If the firewall collects IP address-to-username mappings by monitoring numerous servers at short intervals ( Device > User Identification > User Mapping > Palo Alto Networks User-ID Agent Setup > Server Monitor > Server Log Monitor Frequency) in networks with high user log-in rates, the best practice is to deploy Windows-based User-ID agents instead of the PAN-OS integrated User-ID agent. Using Windows-based User-ID agents avoids the risk of the firewall running out of memory while querying the servers.

Related Documentation